Patterns for Supporting Information Cards ON Web Sites

For someone who has had to sign onto 3 community sites today, each without any SSL support, each with a different credential and password format, this kind of guidance has not come soon enough in my opinion. This document describes patterns for implementing Personal Information Card support on Web sites. Web site developers can use this document to create sites that take advantage of Information Cards to improve the ease of use and security of their user experience.

For the user, it means that they can distinguish phishing attacks (we all get the eBay or PayPal emails ), remove the need to have to store different usernames and passwords on every site and allows the user to be in control of security, in an open standard way.

For developers, after meeting a set of basic prerequisites, Web site developers can support account registration and sign-in using Information Cards without having to alter their session management procedures. Developers can also support the use of Information Cards along with traditional password authentication techniques. These distinct techniques can complement one another or provide alternative authentication options for users. In addition, developers can provide for recovery of lost Information Cards to regain account access.